Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(300)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: crypto/hmac.cc

Issue 1924093006: Removing crypto/third_party/nss/ and removing crypto _win files (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Remove unused sources. Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « crypto/hmac.h ('k') | crypto/hmac_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "crypto/hmac.h" 5 #include "crypto/hmac.h"
6 6
7 #include <openssl/hmac.h>
7 #include <stddef.h> 8 #include <stddef.h>
8 9
9 #include <algorithm> 10 #include <algorithm>
10 #include <memory>
11 11
12 #include "base/logging.h" 12 #include "base/logging.h"
13 #include "base/stl_util.h"
14 #include "crypto/openssl_util.h"
13 #include "crypto/secure_util.h" 15 #include "crypto/secure_util.h"
14 #include "crypto/symmetric_key.h" 16 #include "crypto/symmetric_key.h"
15 17
16 namespace crypto { 18 namespace crypto {
17 19
18 bool HMAC::Init(SymmetricKey* key) { 20 HMAC::HMAC(HashAlgorithm hash_alg) : hash_alg_(hash_alg), initialized_(false) {
19 std::string raw_key; 21 // Only SHA-1 and SHA-256 hash algorithms are supported now.
20 bool result = key->GetRawKey(&raw_key) && Init(raw_key); 22 DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
21 // Zero out key copy. This might get optimized away, but one can hope. 23 }
22 // Using std::string to store key info at all is a larger problem. 24
23 std::fill(raw_key.begin(), raw_key.end(), 0); 25 HMAC::~HMAC() {
24 return result; 26 // Zero out key copy.
27 key_.assign(key_.size(), 0);
28 STLClearObject(&key_);
25 } 29 }
26 30
27 size_t HMAC::DigestLength() const { 31 size_t HMAC::DigestLength() const {
28 switch (hash_alg_) { 32 switch (hash_alg_) {
29 case SHA1: 33 case SHA1:
30 return 20; 34 return 20;
31 case SHA256: 35 case SHA256:
32 return 32; 36 return 32;
33 default: 37 default:
34 NOTREACHED(); 38 NOTREACHED();
35 return 0; 39 return 0;
36 } 40 }
37 } 41 }
38 42
43 bool HMAC::Init(const unsigned char* key, size_t key_length) {
44 // Init must not be called more than once on the same HMAC object.
45 DCHECK(!initialized_);
46 initialized_ = true;
47 key_.assign(key, key + key_length);
48 return true;
49 }
50
51 bool HMAC::Init(SymmetricKey* key) {
52 std::string raw_key;
53 bool result = key->GetRawKey(&raw_key) && Init(raw_key);
54 // Zero out key copy. This might get optimized away, but one can hope.
55 // Using std::string to store key info at all is a larger problem.
56 std::fill(raw_key.begin(), raw_key.end(), 0);
57 return result;
58 }
59
60 bool HMAC::Sign(const base::StringPiece& data,
61 unsigned char* digest,
62 size_t digest_length) const {
63 DCHECK(initialized_);
64
65 ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> result(digest, digest_length);
66 return !!::HMAC(hash_alg_ == SHA1 ? EVP_sha1() : EVP_sha256(),
67 key_.data(), key_.size(),
68 reinterpret_cast<const unsigned char*>(data.data()),
69 data.size(), result.safe_buffer(), NULL);
70 }
71
39 bool HMAC::Verify(const base::StringPiece& data, 72 bool HMAC::Verify(const base::StringPiece& data,
40 const base::StringPiece& digest) const { 73 const base::StringPiece& digest) const {
41 if (digest.size() != DigestLength()) 74 if (digest.size() != DigestLength())
42 return false; 75 return false;
43 return VerifyTruncated(data, digest); 76 return VerifyTruncated(data, digest);
44 } 77 }
45 78
46 bool HMAC::VerifyTruncated(const base::StringPiece& data, 79 bool HMAC::VerifyTruncated(const base::StringPiece& data,
47 const base::StringPiece& digest) const { 80 const base::StringPiece& digest) const {
48 if (digest.empty()) 81 if (digest.empty())
49 return false; 82 return false;
50 size_t digest_length = DigestLength(); 83 size_t digest_length = DigestLength();
51 std::unique_ptr<unsigned char[]> computed_digest( 84 std::unique_ptr<unsigned char[]> computed_digest(
52 new unsigned char[digest_length]); 85 new unsigned char[digest_length]);
53 if (!Sign(data, computed_digest.get(), digest_length)) 86 if (!Sign(data, computed_digest.get(), digest_length))
54 return false; 87 return false;
55 88
56 return SecureMemEqual(digest.data(), computed_digest.get(), 89 return SecureMemEqual(digest.data(), computed_digest.get(),
57 std::min(digest.size(), digest_length)); 90 std::min(digest.size(), digest_length));
58 } 91 }
59 92
60 } // namespace crypto 93 } // namespace crypto
OLDNEW
« no previous file with comments | « crypto/hmac.h ('k') | crypto/hmac_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698